20160504 리눅스 네트워크
=============================================메모=============================================
\\172.16.13.1 (ID/PW : soldesk/soldesksecurity1.)
\00_기초과정
\윈도우서버
=============================================복습=============================================
=============================================강의=============================================
http://www.naver.com -> /var/www/html/index.html
http://cafe.daum.net/A -> /var/www/html/A/index.html (일반적인 경우)
/home/A/public_html/index.html (사용자인 경우)
(2) /etc/httpd/conf/httpd.conf 파일 분석
httpd.conf 파일은 3가지 섹션으로 구분한다.
l Section 1 : Global environment
l Section 2 : "Main" server configuration
l Section 3 : Virtual hosts
(Section 1) 중요한 지시자(Directive)
l ServerType
l ServerRoot
l StartServers
MinSpareServers
MaxSpareServers
l MaxClients
l LoadModule
(Section 2) 중요한 지시자(Directive)
l Listen
l User/Group
l DocumentRoot
l <Directory "/path/to/somedir"> </Directory>
l AccessFileName
l Log file locations and formats
l Modules specific configuration blocks
l MIME type definitions and handlers: /etc/mime.types
(Section 3) 중요한 지시자(Directive)
l NameVirtualHost
l <VirtualHost 10.100.0.50> ... </VirtualHost>
l ServerName
l Documentation
-> "Section 3"의 설정은 "Section 2"에 설정을 덮어 쓰게 된다.
Virtual Hosting
■ 이름 기반 가상 호스트(Name-based Virtual Hosting)
■ IP 기반 가상 호스트(IP-based Virtual Hosting)
■ 포트 기반 가상 호스트(Port-based Virtual Hosting)
■ 혼합된 형태(Mixed Virtual Hosting)
(ㄱ) 이름 기반 가상 호스팅(Name-based Virtual Hosting)
www.daum.net -> /www1/index.html
www.paran.com -> /www2/index.html
www.yahoo.com -> /www3/index.html
---------------------------------
NameVirtualHost 172.16.9.240
<VirtualHost 172.16.9.240>
ServerName www.foo.com
DocumentRoot /www1
</VirtualHost>
<VirtualHost 172.16.9.240>
ServerName www.bar.com
DocumentRoot /www2
</VirtualHost>
<VirtualHost 172.16.9.240>
ServerName www.chan.com
DocumentRoot /www3
</VirtualHost>
---------------------------------
(ㄴ) IP 기반 가상 호스팅(IP-based Virtual Hosting)
172.16.9.240 -> /www1/index.html
172.16.9.140 -> /www2/index.html
172.16.9.241 -> /www3/index.html
---------------------------------
<VirtualHost 172.16.9.240>
ServerName www.foo.com
DocumentRoot /www1
</VirtualHost>
<VirtualHost 172.16.9.140>
ServerName www.bar.com
DocumentRoot /www2
</VirtualHost>
<VirtualHost 172.16.9.241>
ServerName www.chan.com
DocumentRoot /www3
</VirtualHost>
---------------------------------
(ㄷ) 포트 기반 가상 호스팅(Port-based Virtual Hosting)
172.16.9.240:80 -> /www1/index.html
172.16.9.240:8080 -> /www2/index.html
---------------------------------
Listen 80
Listen 8080
<VirtualHost 172.16.9.240:80>
ServerName www.foo.com
DocumentRoot /www1
</VirtualHost>
<VirtualHost 172.16.9.240:8080>
ServerName www.bar.com
DocumentRoot /www2
</VirtualHost>
---------------------------------
(4-4-2) IP 기반 가상 호스팅(IP-based Virtual Hosting)
IP-based Virtual Hosting을 설정하기 위해서는 여러개의 인터페이스와 여러개의 IP가 필요하다. 테스를 할 때는
가상 인터페이스를 사용한다.
(선수지식) NIC(Network Interface Card) = Network Card = Network Interface
■ Physical Interface (EX: eth0, eth1, .....)
■ Logical Interface (EX: eth0:1, eth0:2, ..., eth1:1, eth1:2, ...)
(=Virtual Interface)
(가상인터페이스 이름) eth0:X (X is 1, 2, 3 ....)
l eth0 -> 172.16.9.XXX (EX: 172.16.9.1XX) 172.16.9.101 172.16.9.122
l eth0:1 -> 172.16.9.YYY (EX: 172.16.9.15X) 172.16.9.151 172.16.9.172
l eth0:2 -> 172.16.9.ZZZ (EX: 172.16.9.5X ) 172.16.9.51 172.16.9.72
(실무 예) 이름 기반 가상 호스트(Name-Based Virtual Hosting) 설정의 대표적인 예
■ 도메인 이관작업시 : www.paran.com -> www.daum.net
http://www.paran.com ------> /www1
http://www.daum.net ------> /www1
l 이전 도메인(www.paran.com)과 새로운 도메인(www.daum.net)이 한동안은 같은 페이지의 웹페이지를 보여줘야 한다.
l 따라서, 다른 도메인 이름들이 같은 공간의 소스 디렉토리를 가리키고 있으면 된다.
(실무 예) 이름 기반 가상 호스트(Name-Based Virtual Hosting) 설정의 대표적인 예
■ 웹호스팅 업체(EX: 가비아)
l 요청량이 적은 웹서버 구성에 대해서 한대의 물리적인 서버에 가상 호스트 설정을 통해 약 60개 ~ 120개 정도의 도메인을 구성한다.
l 웹 요청량이 많은 경우에는 다량의 물리적인 서버를 통해 한개의 웹서비스를 하지만, 요청량이 적은 웹서버의 경우에는 한대의 물리적인 서버에 가상 호스트를 여러개 구현한다.
(실무 예) IP 기반 가상 호스트 설정(IP-Based Virtual Hosting)의 대표적인 예
■ 회사 내부에서 보여주는 웹페이지와 회사 외부에서 보여주는 웹페이지 틀려야 하는 경우
----- WEB Server ----------
(eth0) (eth1)
http://www.daum.net/ ==========> 172.16.9.2XX 192.168.10.2XX <========= http://192.168.10.2XX
http://172.16.9.2XX/ /www1 /www2
---------------------------
http://www.daum.net -----> /www1
http://192.168.10.2XX -----> /www2
l 한대의 물리적인 서버에 여러장의 NIC 존재하고, 회사 외부에서 요청할 때의 웹페이지와 회사 내부에서 요청할 때의 웹페이지가 달라야 하는 경우에 사용한다.
(4-6) 아파치 버전과 운영체제 정보 숨기기
■ 웹서버 정보 확인하기
-> 웹서버 종류와 버전 정보 간략하게 확인
-> http://lebutch.org/httpinfo.html
www.naver.com (nginx)
www.yahoo.co.kr (YTS/1.20.10)
www.google.co.kr (gws)
www.samsung.co.kr (Oracle-iPlanet-Web-Server/7.0)
-> 웹서버 종류와 버전 정보 자세하게 확인
-> http://news.netcraft.com/
(2) 무료 웹 방화벽
최근 홈페이지를 통한 악성코드 유포, 피싱 사이트로 악용 등 웹 해킹의 피해가 심각한 수준에 이르고 있다. 한국 정보보호진흥원은 신규 보안투자 여력이 없는 중소기업의 웹 보안 강화를 위해 기본적인 웹 해킹을 차단할 수 있는 공개웹방화벽 2종을 추천하고 있다.
■ IIS용 WebKnight
ATRONIX社에서 개발한 IIS 웹서버용 공개 웹방화벽으로 SQL Injection 공격 등 IIS 웹서버의 주요 공격 차단 가능
홈페이지 : http://www.aqtronix.com
■ APACHE용 ModSecurity
Ivan Ristic이 개발한 Apache 웹서버용 공개웹방화벽으로 PHP Injection 공격 등 Apache웹서버의 주요 공격차단가능
홈페이지 : http://www.modsecurity.org
■ 자세한 사항은 다음을 참고한다.
■ 공개용 웹방화벽
http://www.krcert.or.kr/download/webFirewall.do
■ 웹 취약점 점검
http://www.krcert.or.kr/webprotect/webVulnerability.do
(정리) Apache WEB Server
■ 간단한 웹서버 구성 실습
- 관리자 페이지 구성
- 사용자 페이지 구성
http://www.linux220.example.com/~user01/
http://www.linux220.example.com/user01/
■ CGI 설정(shell, perl, php)
■ .htaccess 파일을 이용한 웹 페이지 보호
■ 가상 호스트 구성
■ 서버의 상태/통계 모니터링
■ 아파치 버전과 운영체제 정보 숨기기
■ 웹 서버 보안
- 웹 방화벽
- 무료 웹 방화벽
- 무료 웹 서버 점검
■ APM(Apache + PHP + MySQL) 설치
- yum을 통해 구성하는 경우
- 소스 컴파일을 통해 구성하는 경우
Appendix B. HTTP Status Code and Reason Phrase
o 1xx: Informational - Request received, continuing process
o 2xx: Success - The action was successfully received, understood, and accepted
o 3xx: Redirection - Further action must be taken in order to complete the request
o 4xx: Client Error - The request contains bad syntax or cannot be fulfilled
o 5xx: Server Error - The server failed to fulfill an apparently valid request
Status-Code = "200" ; OK
"403" ; Forbidden
"404" ; Not Found
"500" ; Internal Server Error
FTP (File Transfer Protocol) 파일 전송 프로토콜
Anonymous FTP (anonymous File Transfer Protocol) ; 익명 FTP
FTP(File Transfer Protocol) 프로그램의 종류
리눅스에서 사용할수 있는 FTP 프로그램은 여러가지이다.
Ÿ wu-ftpd : 예전 RedHat Linux에서 사용하던 기본 FTP 프로그램
Ÿ vsftpd : 현재 많이 사용되고 있는 기본 FTP 프로그램
Ÿ proftpd : 현재 많이 사용되고 있는 기본 FTP 프로그램
Ÿ 기타(gssftp, tftp, sftp...)
vsFTP(Very Secure FTP) 개요
Ÿ 안정적이고 빠르며 보안이 강화된 FTP로 Redhat, Suse, Open-BSD등에서 기본으로 채택하는 FTP서버이다.
Ÿ 기본 프로그램인 vsFTP 프로그램은 Standalone 방식으로 동작하고 있다.
Ÿ (주의) xinetd 방식의 서비스가 아니다. standalone 방식의 서비스이다.
패키지: vsftpd
------ vsFTP Server -----
vsftpd(20,21)
/etc/vsftpd/vsftpd.conf
- /home/<사용자> => 인증된 사용자 접속(EX: user01,fedora)
- /var/ftp => 익명 사용자 접속 (EX: anonymous)
-------------------------
(결론) vsftpd 서비스가 실행되면
- (일반사용자)는 /etc/vsftpd/ftpusers, /etc/vsftpd/user_list 파일에 등록이 되어 있지 않기 때문에 FTP 로그인이 가능하다.
- (root 사용자)는 /etc/vsftpd/ftpusers, /etc/vsftpd/user_list 파일에 등록에 등록 되어 있기 때문에 FTP 로그인이 가능하지 않다. 이런 경우 두개의 파일에서 root 라인을 삭제하면 된다. 하지만, 이 설정은 실무에서는 권장하지 않는다. root 사용자로 로그인 하는 것은 보안상 좋지 않다.
-----> /etc/vsftpd/ftpusers -> /etc/vsftpd/user_list ----->
user01 (X) -----> Login incorrect (Login Fail)
(X) user01 -----> Permission denied (Login Fail)
(X) (X) -----> Login successful (Login Success)
(5-2) (TUI) ftp 명령어 사용
(명령어 사용법)
# ftp <IP> (EX: # ftp 172.16.9.252)
# ftp <IP> <PORT> (EX: # ftp 172.16.9.252 21)
# ftp 172.16.9.252
사용자로 로그인
(ㄱ) 업로드/다운로드 포인터 맞추기(cd/lcd)
(ㄴ) 편리한 기능 설정(bin/hash/prompt)
(ㄷ) 업로드/다운로드(mget/mput/get/put)
(ㄹ) 확인/해제(ls/dir/bye/quit)
=============================================실습=============================================
(1-3) 사용자를 위한 웹 기본 설정
[root@linux120 ~]# tail /etc/passwd
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
avahi-autoipd:x:100:102:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
gdm:x:42:42::/var/gdm:/sbin/nologin
sabayon:x:86:86:Sabayon user:/home/sabayon:/sbin/nologin
fedora:x:500:500:fedora:/home/fedora:/bin/bash
tomcat:x:91:91:Tomcat:/usr/share/tomcat5:/bin/sh
user01:x:501:501::/home/user01:/bin/bash
user02:x:502:502::/home/user02:/bin/bash
user03:x:503:503::/home/user03:/bin/bash
[root@linux120 ~]# su - user01
[user01@linux120 ~]$ id
uid=501(user01) gid=501(user01) groups=501(user01)
[user01@linux120 ~]$ pwd
/home/user01
[user01@linux120 ~]$ mkdir public_html
[user01@linux120 ~]$ cd public_html/
[user01@linux120 public_html]$ vi index.html
[user01@linux120 public_html]$ cat index.html
<H1><CENTER>Web Server(linux120 : user01)</CENTER></H1>
[user01@linux120 public_html]$ cd
[user01@linux120 ~]$ ls -ld
drwx------ 4 user01 user01 1024 May 4 16:17 .
[user01@linux120 ~]$ chmod 755 /home/user01
[user01@linux120 ~]$ ls -ld
drwxr-xr-x 4 user01 user01 1024 May 4 16:17 .
[user01@linux120 ~]$ exit
logout
[root@linux120 ~]# vi /etc/httpd/conf/httpd.conf
[root@linux120 ~]# service httpd restart
Stopping httpd: [FAILED]
Starting httpd: [ OK ]
[root@linux120 ~]# firefox http://www.linux220.example.com/~user01
(Gecko:5040): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:5040): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
[root@linux120 ~]# pic01
(1-4) 사용자를 위한 웹 기본 설정2
(웹 요청 비교)
http://www.linux2XX.example.com/~user01
http://www.linux2XX.example.com/user01 (http://cafe.daum.net/bscsolaris)
[root@linux120 ~]# vi /etc/httpd/conf/httpd.conf
[root@linux120 ~]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@linux120 ~]# firefox http://www.linux220.example.com/user01/
(Gecko:5276): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:5276): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
[root@linux120 ~]# pic02
[root@linux120 ~]# cat /etc/httpd/conf/httpd.conf | grep DocumentRoot
# DocumentRoot: The directory out of which you will serve your
DocumentRoot "/var/www/html"
# This should be changed to whatever you set DocumentRoot to.
# DocumentRoot /www/docs/dummy-host.example.com
[root@linux120 ~]# mkdir -p /var/www/html/user100
[root@linux120 ~]# echo hello > /var/www/html/user100/index.html
[root@linux120 ~]# firefox http://www.linux220.example.com/user100/
(Gecko:5754): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:5754): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
[root@linux120 ~]# pic03
[root@linux120 ~]# vi ~/.bashrc
[root@linux120 ~]# cat ~/.bashrc
# .bashrc
# User specific aliases and functions
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
#
# Specific Configuration
#
export PS1='[\u@\h \w]\$ '
alias ls='ls --color=tty -h'
alias pps='ps -ef | head -1 ; ps -ef | grep $1'
alias vi='/usr/bin/vim'
alias grep='grep -i --color'
alias a='cd /test && rm -rf /test/*'
alias b='cp /etc/passwd file1 ; cp file1 file2 ; cp file1 file3'
alias c='clear'
alias df='df -h -T'
#
# Log Monitoring
#
alias mlog='tail -f /var/log/messages'
#
# DNS Alias
#
alias named.caching-nameserver.conf='vi /var/named/chroot/etc/named.caching-nameserver.conf'
alias named.rfc1912.zones='vi /var/named/chroot/etc/named.rfc1912.zones'
alias DNS='cd /var/named/chroot/var/named'
#alias named-checkconf='named-checkconf /var/named/chroot/etc/named.caching-nameserver.conf'
#
# Alias for Web Server
#
alias WEB='cd /etc/httpd/conf'
alias WWW='cd /var/www/html'
alias httpd.conf='vi /etc/httpd/conf/httpd.conf'
alias wlog='tail -f /etc/httpd/logs/access_log'
alias welog='tail -f /etc/httpd/logs/error_log'
[root@linux120 ~]# . ~/.bashrc
[root@linux120 ~]# cd /etc/httpd
[root@linux120 /etc/httpd]# find .
.
./conf
./conf/magic
./conf/httpd.conf
./modules
./run
./logs
./conf.d
./conf.d/welcome.conf
./conf.d/README
./conf.d/php.conf
./conf.d/webalizer.conf
./conf.d/perl.conf
./conf.d/ssl.conf
./conf.d/manual.conf
./conf.d/python.conf
./conf.d/squid.conf
./conf.d/proxy_ajp.conf
[root@linux120 /etc/httpd]# service httpd
Usage: httpd {start|stop|restart|condrestart|try-restart|force-reload|reload|status|fullstatus|graceful|help|configtest}
[root@linux120 /etc/httpd]# httpd -t
Syntax OK
[root@linux120 /etc/httpd]# service httpd configtest
Syntax OK
[root@linux120 /etc/httpd]# httpd -v
Server version: Apache/2.2.3
Server built: Sep 16 2014 11:29:05
[root@linux120 /etc/httpd]# service httpd stop
Stopping httpd: [ OK ]
[root@linux120 /etc/httpd]# cd /etc/httpd/conf
[root@linux120 /etc/httpd/conf]# cp httpd.conf httpd_test.conf
[root@linux120 /etc/httpd/conf]# ls
httpd.conf httpd_test.conf magic
[root@linux120 /etc/httpd/conf]# httpd -f /etc/httpd/conf/httpd_test.conf
[root@linux120 /etc/httpd/conf]# pgrep -lf httpd
5919 httpd -f /etc/httpd/conf/httpd_test.conf
5920 httpd -f /etc/httpd/conf/httpd_test.conf
5921 httpd -f /etc/httpd/conf/httpd_test.conf
5922 httpd -f /etc/httpd/conf/httpd_test.conf
5923 httpd -f /etc/httpd/conf/httpd_test.conf
5924 httpd -f /etc/httpd/conf/httpd_test.conf
5925 httpd -f /etc/httpd/conf/httpd_test.conf
5926 httpd -f /etc/httpd/conf/httpd_test.conf
5927 httpd -f /etc/httpd/conf/httpd_test.conf
[root@linux120 /etc/httpd/conf]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@linux120 /etc/httpd/conf]# pgrep -lf httpd
5947 /usr/sbin/httpd
5949 /usr/sbin/httpd
5950 /usr/sbin/httpd
5951 /usr/sbin/httpd
5952 /usr/sbin/httpd
5953 /usr/sbin/httpd
5954 /usr/sbin/httpd
5955 /usr/sbin/httpd
5956 /usr/sbin/httpd
[root@linux120 /etc/httpd/conf]# vi /etc/httpd/conf/httpd.conf
[root@linux120 /etc/httpd/conf]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@linux120 /etc/httpd/conf]# chkconfig httpd on
[root@linux120 /etc/httpd/conf]# lynx http://www
[root@linux120 /etc/httpd/conf]# pic04
[root@linux120 ~]# mkdir /www1
You have new mail in /var/spool/mail/root
[root@linux120 ~]# vi /www1/index.html
[root@linux120 ~]# cat /www1/index.html
<H1><CENTER> www1 (linux220:/www1) </CENTER></H1>
[root@linux120 ~]# vi /etc/httpd/conf/httpd.conf
[root@linux120 ~]# cat /etc/httpd/conf/httpd.conf | tail
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin root@linux220.example.com
DocumentRoot /www1
ServerName www.linux220.example.com
<Directory /www1>
Options indexes includes
</Directory>
</VirtualHost>
[root@linux120 ~]# httpd -t
Syntax OK
[root@linux120 ~]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@linux120 ~]# lynx http://www
[root@linux120 ~]# pic05
[root@linux120 ~]# vi /etc/httpd/conf/httpd.conf
[root@linux120 ~]# cat /etc/httpd/conf/httpd.conf | tail
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin root@linux220.example.com
DocumentRoot /www1
ServerName www.linux220.example.com
<Directory /www1>
Options indexes includes
</Directory>
ScriptAlias /cgi-bin/ /www1/cgi-bin/
</VirtualHost>
[root@linux120 ~]# mkdir /www1/cgi-bin
[root@linux120 ~]# cd /www1/cgi-bin
[root@linux120 /www1/cgi-bin]# vi test.cgi
[root@linux120 /www1/cgi-bin]# cat test.cgi
#!/bin/bash
echo "Content-Type: text/html"
echo ""
echo "<pre>"
echo "My username is : "
whoami
echo ""
echo "My id is : "
id
echo ""
echo "</pre>"
[root@linux120 /www1/cgi-bin]# chmod 555 test.cgi
[root@linux120 /www1/cgi-bin]# httpd -t
Syntax OK
[root@linux120 /www1/cgi-bin]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@linux120 /www1/cgi-bin]# lynx http://www.linux220.example.com/cgi-bin/test.cgi
[root@linux120 /www1/cgi-bin]# pic06
[root@linux120 /www1/cgi-bin]# vi test.cgi
[root@linux120 /www1/cgi-bin]# cat test.cgi
#!/bin/bash
echo "Content-Type: text/html"
echo ""
echo "<pre>"
echo "My username is : "
whoami
echo ""
echo "My id is : "
id
echo ""
echo "Server File System Usage Monitoring"
df -h
echo ""
echo "Server IP"
ifconfig
echo ""
echo "</pre>"
[root@linux120 /www1/cgi-bin]# firefox http://www.linux220.example.com/cgi-bin/test.cgi &
[1] 6804
[root@linux120 /www1/cgi-bin]#
(Gecko:6804): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:6804): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
[1]+ Done firefox http://www.linux220.example.com/cgi-bin/test.cgi
[root@linux120 /www1/cgi-bin]# pic07
[root@linux120 /www1/cgi-bin]# rpm -q mod_perl
mod_perl-2.0.4-6.el5
[root@linux120 /www1/cgi-bin]# cd
[root@linux120 ~]# cd /etc/httpd/conf.d
[root@linux120 /etc/httpd/conf.d]# ls
manual.conf perl.conf php.conf proxy_ajp.conf python.conf README squid.conf ssl.conf webalizer.conf welcome.conf
[root@linux120 /etc/httpd/conf.d]# vi perl.conf
[root@linux120 /etc/httpd/conf.d]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@linux120 /etc/httpd/conf.d]# cd /var/www
[root@linux120 /var/www]# ls
cgi-bin error html icons manual usage
[root@linux120 /var/www]# mkdir -p perl
[root@linux120 /var/www]# vi /perl/test.pl
[root@linux120 /var/www]# ls
cgi-bin error html icons manual perl usage
[root@linux120 /var/www]# cd perl
[root@linux120 /var/www/perl]# ls
[root@linux120 /var/www/perl]# vi test.pl
[root@linux120 /var/www/perl]# cat test.pl
#!/usr/bin/perl
use strict;
print "Content-Type: text/html; charset=ISO-8859-1\n\n";
print "<HTML><BODY><H1><CENTER>";
print "The current Perl time is:<BR>";
print scalar localtime();
print "</CENTER></H1></BODY></HTML>"
[root@linux120 /var/www/perl]# chmod 755 test.pl
[root@linux120 /var/www/perl]# firefox http://www.linux220.example.com/perl/test.pl
(Gecko:6940): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:6940): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
[root@linux120 /var/www/perl]# pic08
[root@linux120 /var/www/perl]# rpm -q php
php-5.1.6-45.el5_11
[root@linux120 /var/www/perl]# echo "<?php phpinfo(); ?>" > /www1/index.php
[root@linux120 /var/www/perl]# firefox http://www.linux220.example.com/index.php &
[1] 7029
[root@linux120 /var/www/perl]#
(Gecko:7029): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:7029): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
[1]+ Done firefox http://www.linux220.example.com/index.php
[root@linux120 /var/www/perl]# pic09
[root@linux120 /var/www/perl]# vi /www1/test.php
[root@linux120 /var/www/perl]# cat /www1/test.php
<HTML><BODY><CENTER><H1>
The current PHP time is: <BR>
<?php
// This is a comment
print strftime("%c");
?>
</H1></CENTER></BODY></HTML>
[root@linux120 /var/www/perl]# firefox http://www.linux220.example.com/test.php
(Gecko:7106): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:7106): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
[root@linux120 /var/www/perl]# pic10
# vi /www1/.htaccess
AuthName "restricted stuff"
AuthType Basic
AuthUserFile /etc/httpd/conf/mypasswd
require valid-user
# htpasswd -mc /etc/httpd/conf/mypasswd testuser
# cat /etc/httpd/conf/mypasswd
# vi /etc/httpd/conf/httpd.conf
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin root@linux220.example.com
DocumentRoot /www1
ServerName www.linux220.example.com
<Directory /www1>
Options indexes includes
AllowOverride AuthConfig
</Directory>
ScriptAlias /cgi-bin/ /www1/cgi-bin/
</VirtualHost>
[root@linux120 /www1]# httpd -t
Syntax OK
[root@linux120 /www1]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@linux120 /www1]# pic11, 12
[root@linux120 /www1]# rm -f /www1/.htaccess
[root@linux120 /www1]#
WEB
[root@linux120 /www1]# cd /www1
[root@linux120 /www1]# mv index.php index.php.old
[root@linux120 /www1]# mkdir /www2 /www3
[root@linux120 /www1]# vi /www2/index.html
[root@linux120 /www1]# cat /www2/index.html
<H1><CENTER> www2 linux220(/www2) </CENTER></H1>
[root@linux120 /www1]# cp /www2/index.html /www3/index.html
[root@linux120 /www1]# vi /www3/index.html
[root@linux120 /www1]# cat /www3/index.html
<H1><CENTER> www3 linux220(/www3) </CENTER></H1>
[root@linux120 /www1]#
DNS
[root@linux220 ~]# DNS
[root@linux220 /var/named/chroot/var/named]# vi example220.zone
[root@linux220 /var/named/chroot/var/named]# cat example220.zone
$TTL 4
@ IN SOA ns1.linux220.example.com. root.linux220.example.com. (
45 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
linux220.example.com. IN NS ns1.linux220.example.com.
ns1.linux220.example.com. IN A 172.16.6.220
;; (1) WEB Server
www IN A 172.16.6.120
www1 IN A 172.16.6.120
www2 IN A 172.16.6.120
www3 IN A 172.16.6.120
;www IN A 172.16.6.2
;www IN A 172.16.6.3
;www IN A 172.16.6.4
;; (2) FTP Server
ftp IN A 172.16.6.220
;; (3) MAIL Server
linux220.example.com. IN MX 10 mail.linux220.example.com.
mail IN A 172.16.6.220
;; (4) etc
cafe IN A 172.16.6.220
server1 IN A 172.16.6.252
test IN A 172.16.6.220
test1 IN A 172.16.6.220
test2 IN A 172.16.6.220
[root@linux220 /var/named/chroot/var/named]# service named restart
Stopping named: . [ OK ]
Starting named: [ OK ]
[root@linux220 /var/named/chroot/var/named]# nslookup www1
Server: 172.16.6.220
Address: 172.16.6.220#53
Name: www1.linux220.example.com
Address: 172.16.6.120
[root@linux220 /var/named/chroot/var/named]# nslookup www2
Server: 172.16.6.220
Address: 172.16.6.220#53
Name: www2.linux220.example.com
Address: 172.16.6.120
[root@linux220 /var/named/chroot/var/named]# nslookup www3
Server: 172.16.6.220
Address: 172.16.6.220#53
Name: www3.linux220.example.com
Address: 172.16.6.120
[root@linux220 /var/named/chroot/var/named]#
WEB
[root@linux120 /www1]# cd /etc/httpd/conf
[root@linux120 /etc/httpd/conf]# vi httpd.conf
[root@linux120 /etc/httpd/conf]# cat httpd.conf | tail -30
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin root@linux220.example.com
DocumentRoot /www1
ServerName www.linux220.example.com
<Directory /www1>
Options indexes includes
AllowOverride AuthConfig
</Directory>
ScriptAlias /cgi-bin/ /www1/cgi-bin/
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /www1
ServerName www1.linux220.example.com
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /www2
ServerName www2.linux220.example.com
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /www3
ServerName www3.linux220.example.com
</VirtualHost>
[root@linux120 /etc/httpd/conf]# httpd -t
Syntax OK
[root@linux120 /etc/httpd/conf]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@linux120 /etc/httpd/conf]# firefox &
[1] 7440
[root@linux120 /etc/httpd/conf]#
(Gecko:7440): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:7440): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
(Gecko:7440): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:7440): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:7440): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
SystemMessageCache: init
(Gecko:7440): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
[1]+ Done firefox
[root@linux120 /etc/httpd/conf]# pic13,14,15
vi 명령어 관련
: set nu
: 시작줄번호,끝줄번호s/^/#/ (주석설정)
: 끝줄번호,시작줄번호s/^#// (주석해제)
그림16
그림17
[root@linux120 /etc/httpd/conf]# cd /etc/sysconfig/network-scripts/
[root@linux120 /etc/sysconfig/network-scripts]# cat ifcfg-eth0
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
NETMASK=255.255.0.0
IPADDR=172.16.6.120
GATEWAY=172.16.0.1
TYPE=Ethernet
HWADDR=00:0c:29:b3:e8:73
[root@linux120 /etc/sysconfig/network-scripts]# vi ifcfg-eth0
[root@linux120 /etc/sysconfig/network-scripts]# cat ifcfg-eth0
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
NETMASK=255.255.0.0
IPADDR=172.16.6.120
GATEWAY=172.16.0.1
TYPE=Ethernet
[root@linux120 /etc/sysconfig/network-scripts]# cp ifcfg-eth0 ifcfg-eth0:1
[root@linux120 /etc/sysconfig/network-scripts]# vi ifcfg-eth0:1
[root@linux120 /etc/sysconfig/network-scripts]# cat ifcfg-eth0:1
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0:1
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
NETMASK=255.255.0.0
IPADDR=172.16.6.170
TYPE=Ethernet
[root@linux120 /etc/sysconfig/network-scripts]# cp ifcfg-eth0:1 ifcfg-eth0:2
[root@linux120 /etc/sysconfig/network-scripts]# vi ifcfg-eth0:2
[root@linux120 /etc/sysconfig/network-scripts]# cat ifcfg-eth0:2
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0:2
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
NETMASK=255.255.0.0
IPADDR=172.16.6.70
TYPE=Ethernet
[root@linux120 /etc/sysconfig/network-scripts]# service network restart
Shutting down interface eth0: [ OK ]
Shutting down interface eth1: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: [ OK ]
Bringing up interface eth1: [ OK ]
[root@linux120 /etc/sysconfig/network-scripts]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:B3:E8:73
inet addr:172.16.6.120 Bcast:172.16.255.255 Mask:255.255.0.0
inet6 addr: fec0:1234::20c:29ff:feb3:e873/64 Scope:Site
inet6 addr: fe80::20c:29ff:feb3:e873/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:102251 errors:3 dropped:0 overruns:0 frame:0
TX packets:4184 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:18104012 (17.2 MiB) TX bytes:469701 (458.6 KiB)
Interrupt:67 Base address:0x2000
eth0:1 Link encap:Ethernet HWaddr 00:0C:29:B3:E8:73
inet addr:172.16.6.170 Bcast:172.16.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:67 Base address:0x2000
eth0:2 Link encap:Ethernet HWaddr 00:0C:29:B3:E8:73
inet addr:172.16.6.70 Bcast:172.16.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:67 Base address:0x2000
eth1 Link encap:Ethernet HWaddr 00:0C:29:B3:E8:7D
inet addr:192.168.10.120 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:feb3:e87d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:211 errors:0 dropped:0 overruns:0 frame:0
TX packets:87 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:29863 (29.1 KiB) TX bytes:13285 (12.9 KiB)
Interrupt:67 Base address:0x2080
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2687 errors:0 dropped:0 overruns:0 frame:0
TX packets:2687 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3634260 (3.4 MiB) TX bytes:3634260 (3.4 MiB)
[root@linux120 /etc/sysconfig/network-scripts]# cd
[root@linux120 ~]# vi /etc/httpd/conf
[root@linux120 ~]# cd /etc/httpd/conf
[root@linux120 /etc/httpd/conf]# vi httpd.conf
[root@linux120 /etc/httpd/conf]# cat httpd.conf | tail -15
<VirtualHost 172.16.6.120:80>
DocumentRoot /www1
ServerName www1.linux220.example.com
</VirtualHost>
<VirtualHost 172.16.6.170:80>
DocumentRoot /www2
ServerName www2.linux220.example.com
</VirtualHost>
<VirtualHost 172.16.6.70:80>
DocumentRoot /www3
ServerName www3.linux220.example.com
</VirtualHost>
[root@linux120 /etc/httpd/conf]# httpd -t
Syntax OK
[root@linux120 /etc/httpd/conf]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@linux120 /etc/httpd/conf]# lynx http://172.16.6.120
[root@linux120 /etc/httpd/conf]# lynx http://172.16.6.170
[root@linux120 /etc/httpd/conf]# lynx http://172.16.6.70
[root@linux120 /etc/httpd/conf]# pic18,19,20
[root@linux120 /etc/httpd/conf]#
[root@linux120 /etc/httpd/conf]# cd /etc/sysconfig/network-scripts/
[root@linux120 /etc/sysconfig/network-scripts]# ls
ifcfg-eth0 ifdown ifdown-ipv6 ifdown-sit ifup-bnep ifup-ipx ifup-ppp ifup-wireless
ifcfg-eth0:1 ifdown-bnep ifdown-isdn ifdown-sl ifup-eth ifup-isdn ifup-routes init.ipv6-global
ifcfg-eth0:2 ifdown-eth ifdown-post ifdown-tunnel ifup-ippp ifup-plip ifup-sit net.hotplug
ifcfg-eth1 ifdown-ippp ifdown-ppp ifup ifup-ipsec ifup-plusb ifup-sl network-functions
ifcfg-lo ifdown-ipsec ifdown-routes ifup-aliases ifup-ipv6 ifup-post ifup-tunnel network-functions-ipv6
[root@linux120 /etc/sysconfig/network-scripts]# rm -f ifcfg-eth0:1 ifcfg-eth0:2
[root@linux120 /etc/sysconfig/network-scripts]# ls
ifcfg-eth0 ifdown-eth ifdown-post ifdown-tunnel ifup-ippp ifup-plip ifup-sit net.hotplug
ifcfg-eth1 ifdown-ippp ifdown-ppp ifup ifup-ipsec ifup-plusb ifup-sl network-functions
ifcfg-lo ifdown-ipsec ifdown-routes ifup-aliases ifup-ipv6 ifup-post ifup-tunnel network-functions-ipv6
ifdown ifdown-ipv6 ifdown-sit ifup-bnep ifup-ipx ifup-ppp ifup-wireless
ifdown-bnep ifdown-isdn ifdown-sl ifup-eth ifup-isdn ifup-routes init.ipv6-global
[root@linux120 /etc/sysconfig/network-scripts]# service network restart
Shutting down interface eth0: [ OK ]
Shutting down interface eth1: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: [ OK ]
Bringing up interface eth1: [ OK ]
[root@linux120 /etc/sysconfig/network-scripts]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:B3:E8:73
inet addr:172.16.6.120 Bcast:172.16.255.255 Mask:255.255.0.0
inet6 addr: fec0:1234::20c:29ff:feb3:e873/64 Scope:Site
inet6 addr: fe80::20c:29ff:feb3:e873/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:111929 errors:3 dropped:0 overruns:0 frame:0
TX packets:4218 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:19104440 (18.2 MiB) TX bytes:475572 (464.4 KiB)
Interrupt:67 Base address:0x2000
eth1 Link encap:Ethernet HWaddr 00:0C:29:B3:E8:7D
inet addr:192.168.10.120 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:feb3:e87d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:240 errors:0 dropped:0 overruns:0 frame:0
TX packets:123 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:34271 (33.4 KiB) TX bytes:19630 (19.1 KiB)
Interrupt:67 Base address:0x2080
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2717 errors:0 dropped:0 overruns:0 frame:0
TX packets:2717 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3637766 (3.4 MiB) TX bytes:3637766 (3.4 MiB)
[root@linux120 /etc/sysconfig/network-scripts]# vi /etc/httpd/conf/httpd.conf
[root@linux120 /etc/sysconfig/network-scripts]# cat /etc/httpd/conf/httpd.conf | tail -40
AllowOverride AuthConfig
</Directory>
ScriptAlias /cgi-bin/ /www1/cgi-bin/
</VirtualHost>
##############################
# Name-Based Virtual Hosting #
##############################
<VirtualHost *:80>
DocumentRoot /www1
ServerName www1.linux220.example.com
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /www2
ServerName www2.linux220.example.com
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /www3
ServerName www3.linux220.example.com
</VirtualHost>
############################
# IP-Based Virtual Hosting #
############################
#<VirtualHost 172.16.6.120:80>
# DocumentRoot /www1
# ServerName www1.linux220.example.com
#</VirtualHost>
#
#<VirtualHost 172.16.6.170:80>
# DocumentRoot /www2
# ServerName www2.linux220.example.com
#</VirtualHost>
#
#<VirtualHost 172.16.6.70:80>
# DocumentRoot /www3
# ServerName www3.linux220.example.com
#</VirtualHost>
[root@linux120 /etc/sysconfig/network-scripts]#
[root@linux120 ~]# cd /etc/httpd/conf/httpd.conf
bash: cd: /etc/httpd/conf/httpd.conf: Not a directory
[root@linux120 ~]# cd /etc/httpd/conf/
[root@linux120 /etc/httpd/conf]# vi httpd.conf
[root@linux120 /etc/httpd/conf]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@linux120 /etc/httpd/conf]# firefox http://www.linux220.example.com/server-info &
[1] 8505
[root@linux120 /etc/httpd/conf]#
(Gecko:8505): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:8505): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
console.error:
[CustomizableUI]
Custom widget with id loop-button does not return a valid node
(Gecko:8505): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
[root@linux120 /etc/httpd/conf]# pic21,22,23
[root@linux120 /etc/httpd/conf]# vi httpd.conf
[root@linux120 /etc/httpd/conf]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@linux120 /etc/httpd/conf]# firefox http://www.linux220.example.com/server-status &
[2] 8614
[root@linux120 /etc/httpd/conf]# pic24,25,26
[2]+ Done firefox http://www.linux220.example.com/server-status
[root@linux120 /etc/httpd/conf]# cd ../conf.d
[root@linux120 /etc/httpd/conf.d]# ls
manual.conf perl.conf php.conf proxy_ajp.conf python.conf README squid.conf ssl.conf webalizer.conf welcome.conf
[root@linux120 /etc/httpd/conf.d]# vi webalizer.conf
[root@linux120 /etc/httpd/conf.d]# cat webalizer.conf
#
# This configuration file maps the webalizer log analysis
# results (generated daily) into the URL space. By default
# these results are only accessible from the local host.
#
Alias /usage /var/www/usage
<Location /usage>
Order deny,allow
Deny from all
Allow from 127.0.0.1
Allow from ::1
# Allow from .example.com
</Location>
[root@linux120 /etc/httpd/conf.d]#
(Gecko:8505): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
(Gecko:8505): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
[root@linux120 /etc/httpd/conf.d]# 1462358465627 addons.update-checker WARN Update manifest for {972ce4c6-7e08-4474-a285-3208198ce6fd} did not contain an updates property
[1]+ Done firefox http://www.linux220.example.com/server-info (wd: /etc/httpd/conf)
(wd now: /etc/httpd/conf.d)
[root@linux120 /etc/httpd/conf.d]# pic27,28,29,30
[root@linux120 ~]# lynx -head http://www.linux220.example.com
[root@linux120 ~]# vi /etc/httpd/conf/httpd.conf
[root@linux120 ~]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@linux120 ~]# lynx -head http://www.linux220.example.com
[root@linux120 ~]# pic31
[root@linux220 ~]# rpm -qa | grep vsftpd
vsftpd-2.0.5-28.el5
[root@linux220 ~]# rpm -ql vsftpd
/etc/logrotate.d/vsftpd.log
/etc/pam.d/vsftpd
/etc/rc.d/init.d/vsftpd
/etc/vsftpd
/etc/vsftpd/ftpusers
/etc/vsftpd/user_list
/etc/vsftpd/vsftpd.conf
/etc/vsftpd/vsftpd_conf_migrate.sh
/usr/sbin/vsftpd
/usr/share/doc/vsftpd-2.0.5
/usr/share/doc/vsftpd-2.0.5/AUDIT
/usr/share/doc/vsftpd-2.0.5/BENCHMARKS
/usr/share/doc/vsftpd-2.0.5/BUGS
/usr/share/doc/vsftpd-2.0.5/COPYING
/usr/share/doc/vsftpd-2.0.5/Changelog
/usr/share/doc/vsftpd-2.0.5/EXAMPLE
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/INTERNET_SITE
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/INTERNET_SITE/README
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/INTERNET_SITE/vsftpd.conf
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/INTERNET_SITE/vsftpd.xinetd
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/INTERNET_SITE/vsftpd.xinetd.dir
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/INTERNET_SITE_NOINETD
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/INTERNET_SITE_NOINETD/README
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/INTERNET_SITE_NOINETD/README.dir
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/INTERNET_SITE_NOINETD/vsftpd.conf
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/PER_IP_CONFIG
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/PER_IP_CONFIG/README
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/PER_IP_CONFIG/README.dir
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/PER_IP_CONFIG/hosts.allow
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/PER_IP_CONFIG/hosts.allow.dir
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/README
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/VIRTUAL_HOSTS
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/VIRTUAL_HOSTS/README
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/VIRTUAL_USERS
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/VIRTUAL_USERS/README
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/VIRTUAL_USERS/README.dir
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/VIRTUAL_USERS/logins.txt
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/VIRTUAL_USERS/vsftpd.conf
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/VIRTUAL_USERS/vsftpd.pam
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/VIRTUAL_USERS/vsftpd.pam.dir
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/VIRTUAL_USERS_2
/usr/share/doc/vsftpd-2.0.5/EXAMPLE/VIRTUAL_USERS_2/README
/usr/share/doc/vsftpd-2.0.5/FAQ
/usr/share/doc/vsftpd-2.0.5/INSTALL
/usr/share/doc/vsftpd-2.0.5/LICENSE
/usr/share/doc/vsftpd-2.0.5/README
/usr/share/doc/vsftpd-2.0.5/README.security
/usr/share/doc/vsftpd-2.0.5/REWARD
/usr/share/doc/vsftpd-2.0.5/SECURITY
/usr/share/doc/vsftpd-2.0.5/SECURITY/DESIGN
/usr/share/doc/vsftpd-2.0.5/SECURITY/IMPLEMENTATION
/usr/share/doc/vsftpd-2.0.5/SECURITY/OVERVIEW
/usr/share/doc/vsftpd-2.0.5/SECURITY/TRUST
/usr/share/doc/vsftpd-2.0.5/SIZE
/usr/share/doc/vsftpd-2.0.5/SPEED
/usr/share/doc/vsftpd-2.0.5/TODO
/usr/share/doc/vsftpd-2.0.5/TUNING
/usr/share/doc/vsftpd-2.0.5/vsftpd.xinetd
/usr/share/man/man5/vsftpd.conf.5.gz
/usr/share/man/man8/vsftpd.8.gz
/var/ftp
/var/ftp/pub
[root@linux220 ~]# cd /etc/vsftpd
[root@linux220 /etc/vsftpd]# ls
ftpusers user_list vsftpd.conf vsftpd_conf_migrate.sh
[root@linux220 /etc/vsftpd]# cat ftpusers
# Users that are not allowed to login via ftp
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody
[root@linux220 /etc/vsftpd]# cat user_list
# vsftpd userlist
# If userlist_deny=NO, only allow users in this file
# If userlist_deny=YES (default), never allow users in this file, and
# do not even prompt for a password.
# Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers
# for users that are denied.
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody
[root@linux220 /etc/vsftpd]# cat vsftpd.conf
# Example config file /etc/vsftpd/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=YES
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# The target log file can be vsftpd_log_file or xferlog_file.
# This depends on setting xferlog_std_format parameter
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# The name of log file when xferlog_enable=YES and xferlog_std_format=YES
# WARNING - changing this filename affects /etc/logrotate.d/vsftpd.log
#xferlog_file=/var/log/xferlog
#
# Switches between logging into vsftpd_log_file and xferlog_file files.
# NO writes to vsftpd_log_file, YES to xferlog_file
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd/banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd/chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
#
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
listen=YES
#
# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
# sockets, you must run two copies of vsftpd whith two configuration files.
# Make sure, that one of the listen options is commented !!
#listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
[root@linux220 /etc/vsftpd]# ftp localhost
ftp: connect: Connection refused
ftp> quit
[root@linux220 /etc/vsftpd]# service vsftpd restart
Shutting down vsftpd: [FAILED]
Starting vsftpd for vsftpd: [ OK ]
[root@linux220 /etc/vsftpd]# pgrep -lf vsftpd
6084 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
[root@linux220 /etc/vsftpd]# vsftpd -v
vsftpd: version 2.0.5
[root@linux220 /etc/vsftpd]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): root
530 Permission denied.
Login failed.
ftp> quit
221 Goodbye.
[root@linux220 /etc/vsftpd]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): fedora
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
227 Entering Passive Mode (127,0,0,1,35,128)
150 Here comes the directory listing.
226 Directory send OK.
ftp> quit
221 Goodbye.
[root@linux220 /etc/vsftpd]# vi ftpusers
[root@linux220 /etc/vsftpd]# cat ftpusers
# Users that are not allowed to login via ftp
#root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody
[root@linux220 /etc/vsftpd]# vi user_list
[root@linux220 /etc/vsftpd]# cat user_list
# vsftpd userlist
# If userlist_deny=NO, only allow users in this file
# If userlist_deny=YES (default), never allow users in this file, and
# do not even prompt for a password.
# Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers
# for users that are denied.
#root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody
[root@linux220 /etc/vsftpd]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): root
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
227 Entering Passive Mode (127,0,0,1,101,62)
150 Here comes the directory listing.
drwxr-xr-x 2 0 0 4096 Apr 11 20:24 Desktop
drwx------ 2 0 0 4096 May 02 11:52 Downloads
-rw-r--r-- 1 0 0 1690 Apr 27 09:17 RPM-GPG-KEY-test
-rw------- 1 0 0 1413 Apr 11 18:41 anaconda-ks.cfg
drwxr-xr-x 2 0 0 4096 Apr 28 11:49 bin
-rw------- 1 0 0 92 Apr 26 13:15 dead.letter
-rw-r--r-- 1 0 0 30720 Apr 11 18:41 install.log
-rw-r--r-- 1 0 0 5639 Apr 11 18:41 install.log.syslog
-rw------- 1 0 0 32567 Apr 26 13:16 mbox
drwxr-xr-x 3 0 0 4096 Apr 22 11:41 mnt
drwxr-xr-x 3 0 0 4096 Apr 26 13:03 workspace
-rw-r--r-- 1 0 0 278362 Apr 26 11:44 yum.log
226 Directory send OK.
ftp> quit
221 Goodbye.
[root@linux220 /etc/vsftpd]#
[root@linux220 ~]# grep user /etc/passwd
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
sabayon:x:86:86:Sabayon user:/home/sabayon:/sbin/nologin
user01:x:501:501::/home/user01:/bin/bash
user02:x:502:502::/home/user02:/bin/bash
user03:x:503:503::/home/user03:/bin/bash
[root@linux220 ~]# vi /etc/vsftpd/ftpusers
[root@linux220 ~]# cat /etc/vsftpd/ftpusers | tail -3
games
nobody
user01
[root@linux220 ~]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): user01
331 Please specify the password.
Password:
530 Login incorrect.
Login failed.
ftp> quit
221 Goodbye.
[root@linux220 ~]# cd /etc/vsftpd/
[root@linux220 /etc/vsftpd]# vi ftpusers
[root@linux220 /etc/vsftpd]# cat ftpusers | tail -3
operator
games
nobody
[root@linux220 /etc/vsftpd]# vi user_list
[root@linux220 /etc/vsftpd]# cat user_list | tail -3
games
nobody
user01
[root@linux220 /etc/vsftpd]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): user01
530 Permission denied.
Login failed.
ftp> quit
221 Goodbye.
[root@linux220 /etc/vsftpd]# vi user_list
[root@linux220 /etc/vsftpd]# cat user_list | tail -3
operator
games
nobody
[root@linux220 /etc/vsftpd]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): user01
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> quit
221 Goodbye.
[root@linux220 /etc/vsftpd]#
[root@linux220 /etc/vsftpd]# cat /etc/resolv.conf
search linux220.example.com
nameserver 172.16.6.220
nameserver 168.126.63.1
[root@linux220 /etc/vsftpd]# rpm -qa | grep gftp
[root@linux220 /etc/vsftpd]# yum -y install gftp
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: ftp.daumkakao.com
* extras: ftp.daumkakao.com
* updates: ftp.daumkakao.com
base | 1.1 kB 00:00
extras | 2.1 kB 00:00
updates | 1.9 kB 00:00
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package gftp.i386 1:2.0.18-3.2.2 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================================================================
Package Arch Version Repository Size
=============================================================================================================================
Installing:
gftp i386 1:2.0.18-3.2.2 base 939 k
Transaction Summary
=============================================================================================================================
Install 1 Package(s)
Upgrade 0 Package(s)
Total download size: 939 k
Downloading Packages:
gftp-2.0.18-3.2.2.i386.rpm | 939 kB 00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : gftp 1/1
Installed:
gftp.i386 1:2.0.18-3.2.2
Complete!
[root@linux220 /etc/vsftpd]# gftp &
[1] 6224
[root@linux220 /etc/vsftpd]# pic32,33,34
[1]+ Done gftp
[root@linux220 /etc/vsftpd]#
[root@linux220 /etc/vsftpd]# cd /root
[root@linux220 ~]# dd if=/dev/zero of=linux220.txt bs=1M count=1
1+0 records in
1+0 records out
1048576 bytes (1.0 MB) copied, 0.00131615 seconds, 797 MB/s
[root@linux220 ~]# ls -lh
total 1.4M
-rw------- 1 root root 1.4K Apr 12 03:41 anaconda-ks.cfg
drwxr-xr-x 2 root root 4.0K Apr 28 20:49 bin
-rw------- 1 root root 92 Apr 26 22:15 dead.letter
drwxr-xr-x 2 root root 4.0K Apr 12 05:24 Desktop
drwx------ 2 root root 4.0K May 2 20:52 Downloads
-rw-r--r-- 1 root root 30K Apr 12 03:41 install.log
-rw-r--r-- 1 root root 5.6K Apr 12 03:41 install.log.syslog
-rw-r--r-- 1 root root 1.0M May 4 20:42 linux220.txt
-rw------- 1 root root 32K Apr 26 22:16 mbox
drwxr-xr-x 3 root root 4.0K Apr 22 20:41 mnt
-rw-r--r-- 1 root root 1.7K Apr 27 18:17 RPM-GPG-KEY-test
drwxr-xr-x 3 root root 4.0K Apr 26 22:03 workspace
-rw-r--r-- 1 root root 272K Apr 26 20:44 yum.log
[root@linux220 ~]# ftp 172.16.9.252
Connected to 172.16.9.252.
220-
220-+=================================================+
220-| |
220-| Welcome to linux252.example.com |
220-| |
220-| |
220-| This is the linux252.example.com test server. |
220-| |
220-| If you have not already done so, make sure |
220-| you have read the Downloading/Installation, |
220-| FAQ, and Disclaimer links on |
220-| http://www.solaris254.example.com. |
220-| |
220-| This is a restricted access system. All |
220-| tranfers are logged. If you disagree |
220-| with this practice, log off now. |
220-| |
220-| Questions go to SeoungChan Baik at |
220-| the address given on linux252.example.com |
220-| |
220-| |
220-+=================================================+
220-
220
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (172.16.9.252:root): root
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> help
Commands may be abbreviated. Commands are:
! cr mdir proxy send
$ delete mget sendport site
account debug mkdir put size
append dir mls pwd status
ascii disconnect mode quit struct
bell form modtime quote system
binary get mput recv sunique
bye glob newer reget tenex
case hash nmap rstatus trace
ccc help nlist rhelp type
cd idle ntrans rename user
cdup image open reset umask
chmod lcd passive restart verbose
clear ls private rmdir ?
close macdef prompt runique
cprotect mdelete protect safe
ftp> help lcd
lcd change local working directory
ftp> cd /tmp
250 Directory successfully changed.
ftp> lcd /root
Local directory now /root
ftp> bin
200 Switching to Binary mode.
ftp> hash
Hash mark printing on (1024 bytes/hash mark).
ftp> prompt
Interactive mode off.
ftp> prompt
Interactive mode on.
ftp> prompt
Interactive mode off.
ftp> mput linux*
local: linux220.txt remote: linux220.txt
227 Entering Passive Mode (172,16,9,252,24,172)
150 Ok to send data.
################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################
226 File receive OK.
1048576 bytes sent in 0.067 seconds (1.5e+04 Kbytes/s)
ftp> ls
227 Entering Passive Mode (172,16,9,252,46,39)
150 Here comes the directory listing.
srwxr-xr-x 1 0 0 0 Aug 13 2015 gnome-system-monitor.root.1658004427
drwx------ 2 0 0 4096 Mar 15 2014 keyring-0Sbztt
drwx------ 2 0 0 4096 Jan 08 2014 keyring-0XWEVm
drwx------ 2 0 0 4096 May 21 2014 keyring-4Wxn2D
drwx------ 2 0 0 4096 Jan 06 2014 keyring-6ovLlW
drwx------ 2 0 0 4096 Jan 07 2014 keyring-7PyQlJ
drwx------ 2 0 0 4096 Jan 03 01:36 keyring-9CSi5d
drwx------ 2 0 0 4096 Aug 30 2015 keyring-KMJfwp
drwx------ 2 0 0 4096 Jul 23 2015 keyring-NEEPzf
drwx------ 2 0 0 4096 Aug 19 2013 keyring-WalEoF
drwx------ 2 0 0 4096 Jul 28 2014 keyring-YRzmsK
drwx------ 2 0 0 4096 Jun 27 2014 keyring-bme1HZ
drwx------ 2 0 0 4096 Apr 18 2014 keyring-cV3tPp
drwx------ 2 0 0 4096 Aug 16 2013 keyring-cymkhF#
drwx------ 2 0 0 4096 Sep 19 2015 keyring-i1YyLu
drwx------ 2 0 0 4096 May 20 2015 keyring-uBn1g3
drwx------ 2 0 0 4096 Mar 04 2014 keyring-w9ht8I
drwx------ 2 0 0 4096 Aug 08 2013 keyring-yugf4o
-rw-r--r-- 1 0 0 1875796 May 04 11:49 linux
-rw-r--r-- 1 0 0 1875796 May 04 11:49 linux1
-rw-r--r-- 1 0 0 1875796 May 04 11:49 linux2
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux200
-rw-r--r-- 1 0 0 1048576 May 04 11:51 linux200.txt
-rw-r--r-- 1 0 0 1980 May 04 11:52 linux201
-rw-r--r-- 1 0 0 2019 May 04 11:52 linux202
-rw-r--r-- 1 0 0 1048576 May 04 11:51 linux202.txt
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux203
-rw-r--r-- 1 0 0 1048576 May 04 11:51 linux203.txt
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux204
-rw-r--r-- 1 0 0 1980 May 04 11:52 linux205#
-rw-r--r-- 1 0 0 1980 May 04 11:52 linux206
-rw-r--r-- 1 0 0 1048576 May 04 11:44 linux207.txt
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux208
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux209
-rw-r--r-- 1 0 0 1048576 May 04 11:49 linux209.txt
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux210
-rw-r--r-- 1 0 0 1048576 May 04 11:51 linux210.txt
-rw-r--r-- 1 0 0 1658 May 04 11:52 linux211
-rw-r--r-- 1 0 0 1048576 May 04 11:52 linux211.txt
-rw-r--r-- 1 0 0 1658 May 04 11:52 linux212
-rw-r--r-- 1 0 0 1987 May 04 11:52 linux213
-rw-r--r-- 1 0 0 1048576 May 04 11:51 linux213.txt
-rw-r--r-- 1 0 0 1048576 May 04 11:48 linux214.txt
-rw-r--r-- 1 0 0 2026 May 04 11:52 linux216
-rw-r--r-- 1 0 0 1048576 May 04 11:52 linux216.txt#
-rw-r--r-- 1 0 0 1945 May 04 11:52 linux217
-rw-r--r-- 1 0 0 1048576 May 04 11:51 linux217.txt
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux218
-rw-r--r-- 1 0 0 1048576 May 04 11:51 linux218.txt
-rw-r--r-- 1 0 0 1904 May 04 11:52 linux220
-rw-r--r-- 1 0 0 1048576 May 04 11:51 linux220.txt
-rw-r--r-- 1 0 0 1980 May 04 11:52 linux223
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux224
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux225
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux226
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux228
-rw-r--r-- 1 0 0 1048576 May 04 11:52 linux228.txt
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux229
-rw-r--r-- 1 0 0 1875796 May 04 11:49 linux3
-rw-r--r-- 1 0 0 1875796 May 04 11:49 linux4#
-rw-r--r-- 1 0 0 1875796 May 04 11:49 linux5
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile200
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile201
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile202
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile203
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile204
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile205
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile206
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile208
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile209
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile210
-rw-r--r-- 1 0 0 641020 May 04 11:52 linuxfile211
-rw-r--r-- 1 0 0 641020 May 04 11:52 linuxfile212
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile213
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile216#
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile217
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile218
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile220
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile223
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile224
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile225
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile226
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile228
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile229
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxtile202
srwxr-xr-x 1 0 0 0 Apr 07 09:43 mapping-root
srw------- 1 0 0 0 Aug 25 2015 scim-panel-socket172.16.10.3:0-root
srw------- 1 0 0 0 Jan 20 2014 scim-panel-socket172.16.9.247:0-root
srw------- 1 0 0 0 Feb 27 2014 scim-panel-socket172.16.9.2:0-root#
srw------- 1 0 0 0 Apr 07 09:43 scim-panel-socket:0-root
drwxr-xr-x 2 0 0 4096 Apr 26 11:18 vmware-root
drwx------ 2 0 0 4096 Apr 26 11:18 vmware-root-2468327275
#
226 Directory send OK.
ftp> !ls
anaconda-ks.cfg dead.letter Downloads install.log.syslog mbox RPM-GPG-KEY-test yum.log
bin Desktop install.log linux220.txt mnt workspace
ftp> quit
221 Goodbye.
[root@linux220 ~]# ftp 172.16.9.252
Connected to 172.16.9.252.
220-
220-+=================================================+
220-| |
220-| Welcome to linux252.example.com |
220-| |
220-| |
220-| This is the linux252.example.com test server. |
220-| |
220-| If you have not already done so, make sure |
220-| you have read the Downloading/Installation, |
220-| FAQ, and Disclaimer links on |
220-| http://www.solaris254.example.com. |
220-| |
220-| This is a restricted access system. All |
220-| tranfers are logged. If you disagree |
220-| with this practice, log off now. |
220-| |
220-| Questions go to SeoungChan Baik at |
220-| the address given on linux252.example.com |
220-| |
220-| |
220-+=================================================+
220-
220
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (172.16.9.252:root): root
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> help
Commands may be abbreviated. Commands are:
! cr mdir proxy send
$ delete mget sendport site
account debug mkdir put size
append dir mls pwd status
ascii disconnect mode quit struct
bell form modtime quote system
binary get mput recv sunique
bye glob newer reget tenex
case hash nmap rstatus trace
ccc help nlist rhelp type
cd idle ntrans rename user
cdup image open reset umask
chmod lcd passive restart verbose
clear ls private rmdir ?
close macdef prompt runique
cprotect mdelete protect safe
ftp> help lcd
lcd change local working directory
ftp> cd /tmp
250 Directory successfully changed.
ftp> lcd /test
Local directory now /test
ftp> bin
200 Switching to Binary mode.
ftp> hash
Hash mark printing on (1024 bytes/hash mark).
ftp> prompt
Interactive mode off.
ftp> dir linux*
227 Entering Passive Mode (172,16,9,252,250,55)
150 Here comes the directory listing.
-rw-r--r-- 1 0 0 1875796 May 04 11:49 linux
-rw-r--r-- 1 0 0 1875796 May 04 11:49 linux1
-rw-r--r-- 1 0 0 1875796 May 04 11:49 linux2
-rw-r--r-- 1 0 0 1986 May 04 11:53 linux200
-rw-r--r-- 1 0 0 1048576 May 04 11:51 linux200.txt
-rw-r--r-- 1 0 0 1980 May 04 11:52 linux201
-rw-r--r-- 1 0 0 2019 May 04 11:52 linux202
-rw-r--r-- 1 0 0 1048576 May 04 11:51 linux202.txt
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux203
-rw-r--r-- 1 0 0 1048576 May 04 11:51 linux203.txt
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux204
-rw-r--r-- 1 0 0 1048576 May 04 11:52 linux204.txt
-rw-r--r-- 1 0 0 1980 May 04 11:52 linux205
-rw-r--r-- 1 0 0 1048576 May 04 11:53 linux205.txt
-rw-r--r-- 1 0 0 1980 May 04 11:52 linux206
-rw-r--r-- 1 0 0 1048576 May 04 11:44 linux207.txt#
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux208
-rw-r--r-- 1 0 0 1048576 May 04 11:53 linux208.txt
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux209
-rw-r--r-- 1 0 0 1048576 May 04 11:49 linux209.txt
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux210
-rw-r--r-- 1 0 0 1048576 May 04 11:51 linux210.txt
-rw-r--r-- 1 0 0 1658 May 04 11:52 linux211
-rw-r--r-- 1 0 0 1048576 May 04 11:52 linux211.txt
-rw-r--r-- 1 0 0 1658 May 04 11:52 linux212
-rw-r--r-- 1 0 0 1987 May 04 11:52 linux213
-rw-r--r-- 1 0 0 1048576 May 04 11:51 linux213.txt
-rw-r--r-- 1 0 0 1048576 May 04 11:48 linux214.txt
-rw-r--r-- 1 0 0 2026 May 04 11:52 linux216
-rw-r--r-- 1 0 0 1048576 May 04 11:52 linux216.txt
-rw-r--r-- 1 0 0 1945 May 04 11:52 linux217#
-rw-r--r-- 1 0 0 1048576 May 04 11:51 linux217.txt
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux218
-rw-r--r-- 1 0 0 1048576 May 04 11:51 linux218.txt
-rw-r--r-- 1 0 0 1904 May 04 11:52 linux220
-rw-r--r-- 1 0 0 1048576 May 04 11:51 linux220.txt
-rw-r--r-- 1 0 0 1980 May 04 11:52 linux223
-rw-r--r-- 1 0 0 1048576 May 04 11:53 linux223.txt
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux224
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux225
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux226
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux228
-rw-r--r-- 1 0 0 1048576 May 04 11:52 linux228.txt
-rw-r--r-- 1 0 0 1986 May 04 11:52 linux229
-rw-r--r-- 1 0 0 1875796 May 04 11:49 linux3
-rw-r--r-- 1 0 0 1875796 May 04 11:49 linux4#
-rw-r--r-- 1 0 0 1875796 May 04 11:49 linux5
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile200
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile201
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile202
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile203
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile204
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile205
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile206
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile208
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile209
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile210
-rw-r--r-- 1 0 0 641020 May 04 11:52 linuxfile211
-rw-r--r-- 1 0 0 641020 May 04 11:52 linuxfile212
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile213
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile216#
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile217
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile218
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile220
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile223
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile224
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile225
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile226
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile228
-rw-r--r-- 1 0 0 362031 May 04 11:52 linuxfile229
-rw-r--r-- 1 0 0 362031 May 04 11:53 linuxtile202
#
226 Directory send OK.
ftp> mget *220*
local: linux220 remote: linux220
227 Entering Passive Mode (172,16,9,252,41,6)
150 Opening BINARY mode data connection for linux220 (1904 bytes).
#
226 File send OK.
1904 bytes received in 8.9e-05 seconds (2.1e+04 Kbytes/s)
local: linux220.txt remote: linux220.txt
227 Entering Passive Mode (172,16,9,252,202,142)
150 Opening BINARY mode data connection for linux220.txt (1048576 bytes).
################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################
226 File send OK.
1048576 bytes received in 0.095 seconds (1.1e+04 Kbytes/s)
local: linuxfile220 remote: linuxfile220
227 Entering Passive Mode (172,16,9,252,153,30)
150 Opening BINARY mode data connection for linuxfile220 (362031 bytes).
#################################################################################################################################################################################################################################################################################################################################################################
226 File send OK.
362031 bytes received in 0.035 seconds (1e+04 Kbytes/s)
ftp> !ls -l
total 1408
-rw-r--r-- 1 root root 5 May 4 16:02 echo.start
-rw-r--r-- 1 root root 2076 Apr 28 20:40 file1
-rw-r--r-- 1 root root 2076 Apr 28 20:40 file2
-rw-r--r-- 1 root root 2076 Apr 28 20:40 file3
-rw-r--r-- 1 root root 1904 May 4 20:55 linux220
-rw-r--r-- 1 root root 1048576 May 4 20:55 linux220.txt
-rw-r--r-- 1 root root 362031 May 4 20:55 linuxfile220
ftp> bye
221 Goodbye.
[root@linux220 ~]#
---------------------------------------------------------------------------------
[참고] Windows FTP Client <---> Linux(CentOS 5.X) FTP Server
C:\>ftp 172.16.6.220
172.16.6.220에 연결되었습니다.
220 (vsFTPd 2.0.5)
사용자(172.16.6.220:(none)): root
331 Please specify the password.
암호:
230 Login successful.
ftp> cd /root
250 Directory successfully changed.
ftp> lcd c:\test
현재 로컬 디렉터리 C:\test.
ftp> bin
200 Switching to Binary mode.
ftp> hash
해시 표시 인쇄 켜기 ftp: (2048바이트/해시 표시) .
ftp> prompt
대화형 모드 끄기 .
ftp> mget linux*
200 Switching to Binary mode.
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for linux220.txt (1048576 bytes).
################################################################################
################################################################################
################################################################################
################################################################################
################################################################################
################################################################################
################################226 File send OK.
ftp: 0.05초 21845.33KB/초
ftp> quit
221 Goodbye.
C:\>cd test
C:\test>dir
C 드라이브의 볼륨에는 이름이 없습니다.
볼륨 일련 번호: 42A9-BC7B
C:\test 디렉터리
2016-05-04 오후 09:01 <DIR> .
2016-05-04 오후 09:01 <DIR> ..
2016-05-04 오후 09:01 1,048,576 linux220.txt
1개 파일 1,048,576 바이트
2개 디렉터리 183,724,163,072 바이트 남음
C:\test>
그림35
<Windows> + <E>
<Windows> + <R> = <CTRL + ESC> = <Windows>
<Windows> + <D>
---------------------------------------------------------------------------------
'모의해킹 침해대응 전문가 과정' 카테고리의 다른 글
| 20160510 리눅스 네트워크 (0) | 2016.05.11 |
|---|---|
| 20160509 리눅스 네트워크 (0) | 2016.05.10 |
| 20160503 리눅스 네트워크 (0) | 2016.05.04 |
| 20160502 리눅스 네트워크 (0) | 2016.05.03 |
| 20160429 리눅스 네트워크 (0) | 2016.05.01 |